Linux Network Security
Upcoming SlideShare
Loading in...5

Linux Network Security



Linux Network Security by Amr Ali at Software Freedom Day 2010

Linux Network Security by Amr Ali at Software Freedom Day 2010



Total Views
Views on SlideShare
Embed Views



9 Embeds 122 35 34 22 19 8 1 1 1 1



Upload Details

Uploaded via as OpenOffice

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
Post Comment
Edit your comment

Linux Network Security Linux Network Security Presentation Transcript

  • Linux Network Security Amr Ali Software Freedom Day 2010
  • What is Linux?
    • Invented by Linus Torvalds
    • A monolithic kernel View slide
    • It is a UNIX based operating system View slide
    • Very flexible modular system
    • Has a “penguin” as a mascot
    • Easily customizable at all levels
    • Can be installed on potatoes
  • Linux's Networking
    • It has support for most protocols out of the box
    • The user has full control in great details
    • Its security is state of the art
    • Scalable and can manage organizations of any size
  • What is iptables?
    • It is the user space interface for the Netfilter kernel module
    • By far is the most used firewall on Linux based systems, and second most used firewall on UNIX systems that utilize different kernel
    • Usually works on the Transport and the Internet layers
  • What is xFirewall?
    • It is a smart and configurable abstract over iptables.
    • Very system/network administrator friendly
    • Detects and blocks attempts of network reconnaissance
    • Logs unauthorized access based on allowed ports
    • Helps in defeating D/DoS attacks
    • IPv6 and 6to4 ready
  • How xFirewall works? System Reckon? Attack? xFirewall Linux Based System
  • Scanning Methods
    • Half open TCP SYN/ACK scans
    • TCP connect scan
    • UDP scan
    • XMAS scan
    • NULL scan
    • FIN scan
  • Configuring xFirewall
    • xFirewall configuration file `/etc/xfirewall.conf' contains a whitelist of rules to control who is allowed and to where
    • “ IPv6|::|tcp|22,23” will allow incoming connections from anywhere to TCP ports 22 and 23
    • “ IPv4||udp|53” will allow incoming connections from anywhere to UDP port 53
  • Download and Install xFirewall
    • You can download xFirewall v1.0 from “”
    • UnTar the package, read the `README' file, so you would know how to install it properly
    • Finally edit the configuration file, save it, and issue `sudo /etc/init.d/xfirewall start'
  • Attacker Point of View Starting Nmap 5.00 ( ) at 2010-08-10 15:58 EEST NSE: Loaded 59 scripts for scanning. Initiating SYN Stealth Scan at 15:58 Scanning [1000 ports] Discovered open port 3306/tcp on Discovered open port 587/tcp on Discovered open port 25/tcp on Discovered open port 110/tcp on Discovered open port 113/tcp on Discovered open port 8888/tcp on Discovered open port 8080/tcp on Discovered open port 111/tcp on Discovered open port 995/tcp on Discovered open port 199/tcp on Discovered open port 6699/tcp on Discovered open port 19350/tcp on Discovered open port 9535/tcp on
  • Thanks
      Questions? All presented material today will be available on my website.